Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/6-RA0iBOcyKq8rldaAc5kALjHBE.roa
File: 6-RA0iBOcyKq8rldaAc5kALjHBE.roa (raw, json)
Hash identifier: z4BW2PE0DzWRxQy5/ro25lrN4UJzpPcHHBBovaeEISQ=
Subject key identifier: EB:E4:40:D2:20:4E:73:22:AA:F2:B9:5D:68:07:39:90:02:E3:1C:11
Certificate issuer: /CN=ec535f4c8680ce0dba4a03d95e665c93cc99ceb9
Certificate serial: 01958012069386B194F5AF5268A7092ACFA9
Authority key identifier: EC:53:5F:4C:86:80:CE:0D:BA:4A:03:D9:5E:66:5C:93:CC:99:CE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7FNfTIaAzg26SgPZXmZck8yZzrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/6-RA0iBOcyKq8rldaAc5kALjHBE.roa
Signing time: Mon 10 Mar 2025 12:40:19 +0000
ROA not before: Mon 10 Mar 2025 12:40:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204671
IP address blocks: 2001:678:5e0::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 12 Mar 2025 12:56:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:80:12:06:93:86:b1:94:f5:af:52:68:a7:09:2a:cf:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec535f4c8680ce0dba4a03d95e665c93cc99ceb9
Validity
Not Before: Mar 10 12:40:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebe440d2204e7322aaf2b95d6807399002e31c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:17:f0:42:79:4e:a1:18:83:d5:05:a2:e0:5a:
0c:ef:c4:d7:ce:74:8a:95:98:52:01:a9:6e:a5:24:
27:83:45:a0:b1:be:a7:b6:3d:f7:78:4e:c4:87:0f:
d1:84:ad:42:6c:36:0c:16:19:e8:6b:78:ca:07:07:
eb:c9:c5:1a:6d:6f:b1:73:f2:c6:d9:c9:cc:9d:e3:
c9:2a:3c:22:13:83:ab:26:ad:1c:5e:6f:18:0e:e3:
04:61:2e:b5:3a:2e:75:d2:4d:4a:50:85:f6:e8:49:
f8:44:f3:e9:20:c9:2a:63:24:63:58:18:bc:13:c3:
a1:04:53:af:db:76:b4:17:b9:06:9f:6a:0e:3d:84:
c1:3a:6a:87:b9:ee:55:c2:bd:97:41:55:8d:b7:d5:
a6:a0:63:ef:2a:71:45:ac:4d:65:d6:21:91:e9:87:
12:e5:15:60:df:13:fd:b1:57:7d:5d:ef:47:ac:2f:
2f:d6:43:4c:4f:06:6b:40:8d:f0:72:cd:1e:97:1d:
38:57:82:f6:14:6c:95:54:c7:87:7f:47:5c:86:7a:
13:1a:a1:29:cf:77:03:6b:52:0b:7f:cc:f5:eb:fd:
d2:8c:a0:47:e0:96:7f:77:08:75:c2:fd:94:ca:6a:
5a:ee:1e:31:90:4d:31:33:81:f2:1d:18:d8:74:b5:
ea:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:E4:40:D2:20:4E:73:22:AA:F2:B9:5D:68:07:39:90:02:E3:1C:11
X509v3 Authority Key Identifier:
keyid:EC:53:5F:4C:86:80:CE:0D:BA:4A:03:D9:5E:66:5C:93:CC:99:CE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7FNfTIaAzg26SgPZXmZck8yZzrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/6-RA0iBOcyKq8rldaAc5kALjHBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/7d0029-f330-4a66-bedc-42f2ff859373/1/7FNfTIaAzg26SgPZXmZck8yZzrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:5e0::/48
Signature Algorithm: sha256WithRSAEncryption
78:8e:e3:42:23:25:30:ae:70:03:34:6b:2b:5a:b2:77:b1:f3:
b4:1a:2f:48:c5:c1:6e:35:33:c0:83:92:72:61:56:83:17:b8:
2a:f4:7e:13:93:b4:8a:e9:08:95:e8:56:fd:00:04:2d:9d:22:
5c:31:e0:57:b9:1c:e3:59:73:66:e2:12:d7:b4:d0:6d:52:82:
0e:cd:73:a5:6a:e4:67:56:d6:3a:a0:20:32:f5:4e:e5:9e:df:
2c:0f:cc:42:c1:fb:f7:99:f5:5f:cf:21:e2:a0:19:f3:34:bc:
9a:e9:75:27:b1:af:a2:f8:80:9b:d1:07:9d:79:3c:64:73:3e:
04:24:fe:e5:36:da:c6:1c:16:b1:2f:23:63:e3:12:bb:a8:ca:
f3:0a:73:dd:ee:b4:1f:12:2d:fa:aa:c4:db:41:4b:8b:e4:e4:
2b:18:42:de:88:88:54:3b:d4:94:58:28:8b:7c:21:e2:b3:62:
ed:fa:97:57:f2:54:cf:65:a0:fb:43:af:ac:71:1c:86:67:0b:
ea:f1:8b:7f:4a:b2:6c:b3:e6:d8:73:39:8a:d6:94:c3:36:5a:
72:db:1a:79:06:9e:be:c8:f9:76:dc:c4:80:d7:b1:e2:24:67:
78:bd:29:dd:21:42:6e:52:a2:9d:0c:e1:ce:fc:6a:a0:98:4c:
08:0d:24:c8
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZWAEgaThrGU9a9SaKcJKs+pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNTM1ZjRjODY4MGNlMGRiYTRhMDNkOTVlNjY1YzkzY2M5
OWNlYjkwHhcNMjUwMzEwMTI0MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmU0NDBkMjIwNGU3MzIyYWFmMmI5NWQ2ODA3Mzk5MDAyZTMxYzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBfwQnlOoRiD1QWi4FoM78TXznSK
lZhSAalupSQng0Wgsb6ntj33eE7Ehw/RhK1CbDYMFhnoa3jKBwfrycUabW+xc/LG
2cnMnePJKjwiE4OrJq0cXm8YDuMEYS61Oi510k1KUIX26En4RPPpIMkqYyRjWBi8
E8OhBFOv23a0F7kGn2oOPYTBOmqHue5Vwr2XQVWNt9WmoGPvKnFFrE1l1iGR6YcS
5RVg3xP9sVd9Xe9HrC8v1kNMTwZrQI3wcs0elx04V4L2FGyVVMeHf0dchnoTGqEp
z3cDa1ILf8z16/3SjKBH4JZ/dwh1wv2Uympa7h4xkE0xM4HyHRjYdLXqpwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFOvkQNIgTnMiqvK5XWgHOZAC4xwRMB8GA1UdIwQY
MBaAFOxTX0yGgM4NukoD2V5mXJPMmc65MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0ZOZlRJYUF6ZzI2U2dQWlhtWmNrOHlaenJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS83ZDAwMjktZjMzMC00YTY2LWJlZGMt
NDJmMmZmODU5MzczLzEvNi1SQTBpQk9jeUtxOHJsZGFBYzVrQUxqSEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS83ZDAwMjktZjMzMC00YTY2LWJlZGMtNDJmMmZmODU5Mzcz
LzEvN0ZOZlRJYUF6ZzI2U2dQWlhtWmNrOHlaenJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAXg
MA0GCSqGSIb3DQEBCwUAA4IBAQB4juNCIyUwrnADNGsrWrJ3sfO0Gi9IxcFuNTPA
g5JyYVaDF7gq9H4Tk7SK6QiV6Fb9AAQtnSJcMeBXuRzjWXNm4hLXtNBtUoIOzXOl
auRnVtY6oCAy9U7lnt8sD8xCwfv3mfVfzyHioBnzNLya6XUnsa+i+ICb0QedeTxk
cz4EJP7lNtrGHBaxLyNj4xK7qMrzCnPd7rQfEi36qsTbQUuL5OQrGELeiIhUO9SU
WCiLfCHis2Lt+pdX8lTPZaD7Q6+scRyGZwvq8Yt/SrJss+bYczmK1pTDNlpy2xp5
Bp6+yPl23MSA17HiJGd4vSndIUJuUqKdDOHO/GqgmEwIDSTI
-----END CERTIFICATE-----
Generated at Fri Apr 18 13:53:54 2025 by rpki-client